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~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 

All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1 . ^ This communication is responsive to 06/20/201 1 . 

2. □ An election was made by the applicant in response to a restriction requirement set forth during the interview on ; the restriction 

requirement and election have been incorporated into this action. 

3. The allowed claim(s) is/are 1,2,6,8,10 and 12-15 . 

4. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 

a) □ All b) □ Some* c) □ None of the: 

1 . □ Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

5. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

6. □ CORRECTED DRAWINGS ( as "replacement sheets") must be submitted. 

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 

1) □ hereto or 2) □ to Paper No./Mail Date . 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1.84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 
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attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 
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EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with 
Mr. Joseph P. Mehrle on Wednesday September 21, 2011. 

The newly amended set of claims as authorized by Applicant immediately follow: 

1 . (Currently Amended) A method to manage secure communications implemented in a 
computer readable medium and to executes in e» a proxy server, the method, comprising: 

establishing, by the proxy server, a secure session on a secure site with an external client 
that communicates from an insecure site; 

detecting, by the proxy server, access attempts during the secure session directed to 
insecure transactions, the insecure transactions identified as links to a site that is external 
(external site) to, not controlled by, and not recognized by the secure site, and the access 
attempts are directed to the insecure transactions having references to resources of the external 
site; and 

transparently managing, by the proxy server, the access attempts by pre-acquiring content 
from the external site by accessing the links on behalf of the external client to pre-acquire the 
content and by scanning and inspecting the content within the secure site before determining 
whether the content should be made available to the external client during the secure session, and 
at least one access attempt associated with at least one piece of the content that is scanned 
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identifies a true insecure reference by determining that the true insecure reference is a particular 
reference that has been determined by the method to have had the piece of the content or 
metadata of the true insecure reference tampered with, and the true insecure reference is entirely 
removed from the content before the content is supplied to the external client and an event is 
reported as a custom warning inserted into the content supplied to the external client, the event 
identifies for the external client within the content that the true insecure reference was removed 
before being provided to the external client, and a number of other access attempts are associated 
with different content for other references that are secure but appear insecure, these other 
references are provided as secure references to the external client to suppress warning messages 
from being generated within the external client with these other access attempts made during the 
secure session. 

8. (Currently Amended) A method to manage secure communications implemented in a 
computer readable medium and to executes in en a proxy server, the method, comprising: 

detecting, by the proxy server, insecure transactions occurring during a secure session, 
the insecure transactions result from actions requested by an external client participating in the 
secure session; 

inspecting, by the proxy server, the insecure transactions in advance of satisfying the 
actions requested by pre-acquiring content associated with the insecure transactions before 
making available to the external client, and the insecure transactions are associated with links to 
an external site located outside a secure site associated with the secure session, and content are 
pre-acquired from the external site via the links and inspected and scanned on behalf of the 
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external client within the proxy server, and a number of references associated with some of the 
insecure references are determined to be secure, these references are translated to appear secure 

to the external client and when accessed by the external client suppress warning messages from 
occurring within the external client; and 

making, by the proxy server, a determination based on the inspection for taking 
processing actions including one or more of the following: permitting some of the insecure 
transactions to proceed unmodified by performing the actions requested for the external client; 

permitting, by the proxy server, some of the insecure transactions to proceed in a 
modified fashion; and denying some of the insecure transactions by denying the actions 
requested, and some of the insecure transactions that are denied are identified as references that 
have a World-Wide Web (WWW) cookie associated with their headers, and these references are 
entirely removed from the content before the content is supplied to the external client and the 
references entirely removed are reported as custom warning messages to the external client as an 
event within the content, the event identifies for the external client within the content that the 
true insecure reference was removed before being provided to the external client. 

DETAILED ACTION 

This Office Action is in response to the application filed on 06/20/201 1. 
Claims 1, 2, 6, 8, 10, and 12-15 have been pending. 



Reasons for Allowance 
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Claims 1, 2, 6, 8, 10, and 12-15 are allowed. 

The following is an examiner's statement for reasons for allowance: 
The prior art of record, either singularly or in combination, failed to teach the 
combination of the invention as claimed in independent claim 1 . For example, it failed to teach 
"at least one access attempt associated with at least one piece of the content that is scanned 
identifies a true insecure reference by determining that the true insecure reference is a particular 
reference that has been determined by the method to have had the piece of the content or 
metadata of the true insecure reference tampered with, and the true insecure reference is entirely 
removed from the content before the content is supplied to the external client and an event is 
reported as a custom warning inserted into the content supplied to the external client, the event 
identifies for the external client within the content that the true insecure reference was removed 
before being provided to the external client, and a number of other access attempts are 
associated with different content for other references that are secure but appear insecure, these 
other references are provided as secure references to the external client to suppress warning 
messages from being generated within the external client with these other access attempts made 
during the secure session. " 

This feature in light of other features describes in the independent claim 1 is allowable 
over the prior art of record. 

The prior art of record, either singularly or in combination, failed to teach the combination of the 
invention as claimed in independent claim 8. For example, it failed to teach "inspecting, by the 
proxy server, the insecure transactions in advance of satisfying the actions requested by pre- 
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acquiring content associated with the insecure transactions before making available to the 
external client, and the insecure transactions are associated with links to an external site located 
outside a secure site associated with the secure session, and content are pre-acquired from the 
external site via the links and inspected and scanned on behalf of the external client within the 
proxy server, and a number of references associated with some of the insecure references are 
determined to be secure, these references are translated to appear secure to the external client 
and when accessed by the external client suppress warning messages from occurring within the 
external client" 

This feature in light of other features describes in the independent claim 8 is allowable 
over the prior art of record. 

Claims 2 and 6 depend on claim 1, and are therefore considered as allowable claims. 
Claims 10 and 12-15 depend on claim 8, and are therefore considered as allowable 

claims. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Canh Le whose telephone number is 571-270-1380. The 
examiner can normally be reached on Monday to Friday 7:30AM to 5:00PM other Friday off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Orgad Edan can be reached on 571-272-7884. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Canh Le/ 

Examiner, Art Unit 2439 
September 21, 2011 

/Edan Orgad/ 

Supervisory Patent Examiner, Art Unit 2439 



